Re: large binary, why not strip ?
On Thu, 27 Nov 2008 07:32:23 + Matthew Seaman [EMAIL PROTECTED] wrote: Paul B. Mahol wrote: On 11/26/08, Matthew Seaman [EMAIL PROTECTED] wrote: Matthew Seaman wrote: Kris Kennaway wrote: Bonus points if you come up with a patch to do this: in most cases it will be a simple matter of changing the port's do-install: target to use INSTALL_* macros instead of cp/bsdtar etc. This would be a good project to get some familiarity with the ports tree. Would it be worthwhile to add a test and warning that all installed binaries have not been stripped to the 'security-check' target in bsd.port.mk? That's not really what that target was intended for (feeping creaturism alert!) but it's the obvious place to put such a test. Probably cleaner to create a whole new target, but that's going to duplicate some code. H... I shall work up some patches, probably over the weekend, so there's something substantive to talk about. Done: ports/129210 For the record, I also discovered that, contrary to what I said earlier, there is apparently one class of binary object that will not work correctly if stripped: kernel loadable modules. Kernel loadable modules are already stripped (--strip-debug). KLDs aren't stripped in a way that file(1) recognises: happy-idiot-talk:/boot/kernel:% file if_em.ko if_em.ko: ELF 32-bit LSB shared object, Intel 80386, version 1 (FreeBSD), dynamically linked, not stripped Unfortunately file(1) seems to be about the only tool available to test a priori whether a binary object is stripped or not. It's possible that objdump(1) or readelf(1) could do a similar thing, but I can't work it out from those man pages. It seems nm also tells you fairly simply whether a file contains symbols or not: nm /bin/ls nm: /bin/ls: no symbols nm /usr/local/bin/a2p 004030d0 T Myfatal 00510308 D No 0051a200 B Str 00510300 D Yes 00519e00 A _DYNAMIC [...] KLD .ko files are built with full debug data but the source information (filenames, line numbers etc.) is stripped out into separate .ko.symbols files, in a similar way that Windows uses .PDB files; it lets you store the debug information separately and only match them up if something goes wrong. To see if a binary contains source data, you can run 'readelf -w'; no output seems to mean it couldn't find any data. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: large binary, why not strip ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kris Kennaway wrote: On Mon, Nov 17, 2008 at 06:40:34PM +, Masoom Shaikh wrote: On Mon, Nov 17, 2008 at 5:21 PM, Kris Kennaway [EMAIL PROTECTED] wrote: On Sun, Nov 16, 2008 at 12:56:31PM +0100, Wojciech Puchar wrote: most of the programs installed from ports have large binary size on disk stripping em all reduces their size dramatically I cannot see the reason for not stripping them by default ? me too do I miss anything ? no. I am confused why both of you are seeing most of the programs installed this way. Can you confirm that this is true and not just an exaggeration? As Matthew says, there are some ports that fail to strip their binaries because of how they install files (using cp etc). These are bugs that should be reported to their maintainers on a case by case basis. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] Before sending mail I manually stripped * in /usr/local/bin else I cud send u the o/p of `ls -lhS` yes, most is bit exaggerated...I perhaps was talking about first five binaries listed in increasing order of size... Yeah the largest binaries are likely to be unstripped. You can use pkg_which (part of portupgrade) to work out which ports they came from, then send the mainainer a polite email and/or PR request that they be installed stripped. Bonus points if you come up with a patch to do this: in most cases it will be a simple matter of changing the port's do-install: target to use INSTALL_* macros instead of cp/bsdtar etc. This would be a good project to get some familiarity with the ports tree. I was going to do some work on this except $file *|grep not stripped $ - -- Eitan Adler GNU Key fingerptrint: 2E13 BC16 5F54 0FBD 62ED 42B6 B65F 24AB E9C2 CCD1 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkkux3oACgkQtl8kq+nCzNEWwgCglRkz0Il3/bLJazVszuRf69f1 pegAoI/paoyYAz4hqRZhdWuUb6WJk+tK =fGB3 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: large binary, why not strip ?
Matthew Seaman wrote: Kris Kennaway wrote: Bonus points if you come up with a patch to do this: in most cases it will be a simple matter of changing the port's do-install: target to use INSTALL_* macros instead of cp/bsdtar etc. This would be a good project to get some familiarity with the ports tree. Would it be worthwhile to add a test and warning that all installed binaries have not been stripped to the 'security-check' target in bsd.port.mk? That's not really what that target was intended for (feeping creaturism alert!) but it's the obvious place to put such a test. Probably cleaner to create a whole new target, but that's going to duplicate some code. H... I shall work up some patches, probably over the weekend, so there's something substantive to talk about. Done: ports/129210 For the record, I also discovered that, contrary to what I said earlier, there is apparently one class of binary object that will not work correctly if stripped: kernel loadable modules. As others have commented, most shlibs installed from ports aren't stripped. The same applies to almost any sort of pluggable module (perl, PHP etc.) that I have been able to investigate. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: large binary, why not strip ?
On 11/26/08, Matthew Seaman [EMAIL PROTECTED] wrote: Matthew Seaman wrote: Kris Kennaway wrote: Bonus points if you come up with a patch to do this: in most cases it will be a simple matter of changing the port's do-install: target to use INSTALL_* macros instead of cp/bsdtar etc. This would be a good project to get some familiarity with the ports tree. Would it be worthwhile to add a test and warning that all installed binaries have not been stripped to the 'security-check' target in bsd.port.mk? That's not really what that target was intended for (feeping creaturism alert!) but it's the obvious place to put such a test. Probably cleaner to create a whole new target, but that's going to duplicate some code. H... I shall work up some patches, probably over the weekend, so there's something substantive to talk about. Done: ports/129210 For the record, I also discovered that, contrary to what I said earlier, there is apparently one class of binary object that will not work correctly if stripped: kernel loadable modules. Kernel loadable modules are already stripped (--strip-debug). -- Paul ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: large binary, why not strip ?
Paul B. Mahol wrote: On 11/26/08, Matthew Seaman [EMAIL PROTECTED] wrote: Matthew Seaman wrote: Kris Kennaway wrote: Bonus points if you come up with a patch to do this: in most cases it will be a simple matter of changing the port's do-install: target to use INSTALL_* macros instead of cp/bsdtar etc. This would be a good project to get some familiarity with the ports tree. Would it be worthwhile to add a test and warning that all installed binaries have not been stripped to the 'security-check' target in bsd.port.mk? That's not really what that target was intended for (feeping creaturism alert!) but it's the obvious place to put such a test. Probably cleaner to create a whole new target, but that's going to duplicate some code. H... I shall work up some patches, probably over the weekend, so there's something substantive to talk about. Done: ports/129210 For the record, I also discovered that, contrary to what I said earlier, there is apparently one class of binary object that will not work correctly if stripped: kernel loadable modules. Kernel loadable modules are already stripped (--strip-debug). KLDs aren't stripped in a way that file(1) recognises: happy-idiot-talk:/boot/kernel:% file if_em.ko if_em.ko: ELF 32-bit LSB shared object, Intel 80386, version 1 (FreeBSD), dynamically linked, not stripped Unfortunately file(1) seems to be about the only tool available to test a priori whether a binary object is stripped or not. It's possible that objdump(1) or readelf(1) could do a similar thing, but I can't work it out from those man pages. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: large binary, why not strip ?
On Wed, Nov 19, 2008 at 5:38 AM, Jeremy Chadwick [EMAIL PROTECTED] wrote: On Sun, Nov 16, 2008 at 08:42:12AM +, Masoom Shaikh wrote: most of the programs installed from ports have large binary size on disk stripping em all reduces their size dramatically I cannot see the reason for not stripping them by default ? do I miss anything ? I haven't seen anyone point out the downside to stripping binaries and libraries: removal of debugging symbols. Agreed. But not every 'user' is interested in backtrace. It can be argued user can send the trace to someone who is. Well my only point is choice, I should have choice to install un-stripped bins only if I wish, since for those who have no idea what such symbols are, backtrace is some kind of boring text. I don't like bins for which `nm` does not give me symbols :) I was just wondering if installing stripped bins may save small space for those of whom PC means mail, IM, mp3, orkut etc The apebajs program suddenly crashes in some library, here's the now-completely-useless backtrace. The user is then forced to go back and recompile *everything* to get debugging symbols. The non-stripping situation is on a per-port basis, AFAIK. Not all ports have WITH_DEBUG. -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: large binary, why not strip ?
On 11/17/08, Masoom Shaikh [EMAIL PROTECTED] wrote: On Mon, Nov 17, 2008 at 5:21 PM, Kris Kennaway [EMAIL PROTECTED] wrote: On Sun, Nov 16, 2008 at 12:56:31PM +0100, Wojciech Puchar wrote: most of the programs installed from ports have large binary size on disk stripping em all reduces their size dramatically I cannot see the reason for not stripping them by default ? me too do I miss anything ? no. I am confused why both of you are seeing most of the programs installed this way. Can you confirm that this is true and not just an exaggeration? As Matthew says, there are some ports that fail to strip their binaries because of how they install files (using cp etc). These are bugs that should be reported to their maintainers on a case by case basis. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] Before sending mail I manually stripped * in /usr/local/bin And what about /usr/local/lib/** ? else I cud send u the o/p of `ls -lhS` yes, most is bit exaggerated...I perhaps was talking about first five binaries listed in increasing order of size... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: large binary, why not strip ?
On Nov 18, 2008, at 8:45 AM, Paul B. Mahol wrote: And what about /usr/local/lib/** ? Interesting. I found that only 11 are stripped on my system compared to 272 not stripped That is pretty much the opposite of the ratio I round in /usr/local/ bin where there were something like 350 stripped and only 35 not stripped. Cheers, -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: large binary, why not strip ?
On Sun, Nov 16, 2008 at 08:42:12AM +, Masoom Shaikh wrote: most of the programs installed from ports have large binary size on disk stripping em all reduces their size dramatically I cannot see the reason for not stripping them by default ? do I miss anything ? I haven't seen anyone point out the downside to stripping binaries and libraries: removal of debugging symbols. The apebajs program suddenly crashes in some library, here's the now-completely-useless backtrace. The user is then forced to go back and recompile *everything* to get debugging symbols. The non-stripping situation is on a per-port basis, AFAIK. Not all ports have WITH_DEBUG. -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: large binary, why not strip ?
On Sun, Nov 16, 2008 at 12:56:31PM +0100, Wojciech Puchar wrote: most of the programs installed from ports have large binary size on disk stripping em all reduces their size dramatically I cannot see the reason for not stripping them by default ? me too do I miss anything ? no. I am confused why both of you are seeing most of the programs installed this way. Can you confirm that this is true and not just an exaggeration? As Matthew says, there are some ports that fail to strip their binaries because of how they install files (using cp etc). These are bugs that should be reported to their maintainers on a case by case basis. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: large binary, why not strip ?
On Mon, Nov 17, 2008 at 5:21 PM, Kris Kennaway [EMAIL PROTECTED] wrote: On Sun, Nov 16, 2008 at 12:56:31PM +0100, Wojciech Puchar wrote: most of the programs installed from ports have large binary size on disk stripping em all reduces their size dramatically I cannot see the reason for not stripping them by default ? me too do I miss anything ? no. I am confused why both of you are seeing most of the programs installed this way. Can you confirm that this is true and not just an exaggeration? As Matthew says, there are some ports that fail to strip their binaries because of how they install files (using cp etc). These are bugs that should be reported to their maintainers on a case by case basis. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] Before sending mail I manually stripped * in /usr/local/bin else I cud send u the o/p of `ls -lhS` yes, most is bit exaggerated...I perhaps was talking about first five binaries listed in increasing order of size... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: large binary, why not strip ?
On Mon, Nov 17, 2008 at 06:40:34PM +, Masoom Shaikh wrote: On Mon, Nov 17, 2008 at 5:21 PM, Kris Kennaway [EMAIL PROTECTED] wrote: On Sun, Nov 16, 2008 at 12:56:31PM +0100, Wojciech Puchar wrote: most of the programs installed from ports have large binary size on disk stripping em all reduces their size dramatically I cannot see the reason for not stripping them by default ? me too do I miss anything ? no. I am confused why both of you are seeing most of the programs installed this way. Can you confirm that this is true and not just an exaggeration? As Matthew says, there are some ports that fail to strip their binaries because of how they install files (using cp etc). These are bugs that should be reported to their maintainers on a case by case basis. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] Before sending mail I manually stripped * in /usr/local/bin else I cud send u the o/p of `ls -lhS` yes, most is bit exaggerated...I perhaps was talking about first five binaries listed in increasing order of size... Yeah the largest binaries are likely to be unstripped. You can use pkg_which (part of portupgrade) to work out which ports they came from, then send the mainainer a polite email and/or PR request that they be installed stripped. Bonus points if you come up with a patch to do this: in most cases it will be a simple matter of changing the port's do-install: target to use INSTALL_* macros instead of cp/bsdtar etc. This would be a good project to get some familiarity with the ports tree. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: large binary, why not strip ?
Kris Kennaway wrote: Bonus points if you come up with a patch to do this: in most cases it will be a simple matter of changing the port's do-install: target to use INSTALL_* macros instead of cp/bsdtar etc. This would be a good project to get some familiarity with the ports tree. Would it be worthwhile to add a test and warning that all installed binaries have not been stripped to the 'security-check' target in bsd.port.mk? That's not really what that target was intended for (feeping creaturism alert!) but it's the obvious place to put such a test. Probably cleaner to create a whole new target, but that's going to duplicate some code. H... I shall work up some patches, probably over the weekend, so there's something substantive to talk about. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: large binary, why not strip ?
Masoom Shaikh wrote: most of the programs installed from ports have large binary size on disk stripping em all reduces their size dramatically I cannot see the reason for not stripping them by default ? do I miss anything ? Yes. Binaries installed from the ports system /are/ already stripped by default. The official position is given here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/install.html#INSTALL-STRIP In practice it seems there are some exceptions -- this is what I found in /usr/local/bin on my machine (and pretty much everything in /usr/local/bin was installed from ports): happy-idiot-talk:/usr/local/bin:% file * | grep ', not stripped' | cut -f 1 -d: a2p adnsheloex adnsresfilter cancel cupstestdsc cupstestppd derb dkim-stats dkim-testkey dkim-testssp dumpreg encode_keychange fixnt genbrk gencnval genctd genrb gocr lp lpoptions lppasswd lpq lpr lprm lpstat makeconv nmap omshell openssl pdfimage php php-cgi pkgdata restorefont restorepalette restoretextmode snmpbulkget snmpdelta snmpdf snmpnetstat snmptable snmpusm snmpvacm sqlite3 swig swig1.3 tclsh8.4 uconv wish8.4 workmanir Arguably the fact that these programs aren't stripped is a bug that should be reported to the port maintainers. As far as I know, there is no circumstance where a binary has to be left unstripped in order to operate correctly, other than when it is required to run it under gdb(1). Hmmm that's something the ports build system should probably check on and complain about. On the other hand, compare that to the number of binaries that are stripped: happy-idiot-talk:/usr/local/bin:% file * | grep ', stripped' | wc -l 1206 Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: large binary, why not strip ?
most of the programs installed from ports have large binary size on disk stripping em all reduces their size dramatically I cannot see the reason for not stripping them by default ? me too do I miss anything ? no. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]